Attackers use zero-day to deploy new Sodinokibi ransomware strain on unpatched Oracle WebLogic servers.

Oracle publishes rare out-of-band security update for WebLogic servers Oracle releases additional fix to patch a bug for the second time after the publication of proof-of-concept exploit code.

Threat actors have started to hunt for servers running Oracle WebLogic instances vulnerable to a critical flaw that allows taking control of the system with little effort and no authentication.